﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using Ghy.Soft.Domain.Entities;
using System.Web.Security;

namespace Ghy.Soft.Web.Controllers.AopController
{
    public class OwnAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            bool isAllow = false;
            object permissionString = filterContext.RequestContext.HttpContext.Session["Permission"];
            if (permissionString!=null)
            {
                AdminPermission userPermission = (AdminPermission)Enum.Parse(typeof(AdminPermission), permissionString.ToString());
                if (userPermission >= this.Permission)
                {
                    isAllow = true;
                }
            }
            if (!isAllow)
            {
                filterContext.RequestContext.HttpContext.Response.Write("无权访问");
                filterContext.RequestContext.HttpContext.Response.End();
            }
        }

        private AdminPermission Permission;
        public OwnAttribute(AdminPermission Permission)
        {
            this.Permission = Permission;
        }
    }
}